General
-
Target
cd2f2f65ccf271a8d5570be3cbcc0a48b4a4d90aa8e470688c9e4ba327b9883d
-
Size
5.6MB
-
Sample
240528-asrmaaff61
-
MD5
076a30ebad0aa693dd427df6f32cae45
-
SHA1
bba4881559b02cfa26968abb7353771d4b2009c6
-
SHA256
cd2f2f65ccf271a8d5570be3cbcc0a48b4a4d90aa8e470688c9e4ba327b9883d
-
SHA512
f7efc187b66a5472aeaf2b3455edb42595893b3f4cdd0f6e739d5741d9d6e0a1dcef76bee1144b2fe49db3c14da6a297e26b883692e09a798aa7b4e9e5be3bf4
-
SSDEEP
98304:moFOlLDG87F+dBIIfMhajCe90hsUhlGIwgXh7AsZUGa7DXQq8XqfY:DILq8hCIIfw/h1hgI9XCsZUDvAqeqfY
Static task
static1
Behavioral task
behavioral1
Sample
cd2f2f65ccf271a8d5570be3cbcc0a48b4a4d90aa8e470688c9e4ba327b9883d.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
cd2f2f65ccf271a8d5570be3cbcc0a48b4a4d90aa8e470688c9e4ba327b9883d.exe
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
cd2f2f65ccf271a8d5570be3cbcc0a48b4a4d90aa8e470688c9e4ba327b9883d
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-